BuddyDev

Search

[Resolved] BuddyPress Private Message Rate Limiter – Group Admin Override

  • Participant
    Level: Enlightened
    Posts: 64
    Graham on March 19, 2018 at 3:04 pm #13964

    Hi Brajesh,

    One of my sites recently got hacked and a subscriber sent a private message to every member, nearly 300 people.

    I had your plugin from another site I was using, so I installed it and set it to 10 messages in 12 hours.

    One of the Group Admins said they use the messaging system to notify members of events and that limit would hurt them.

    So I tried to figure out a way to make an exception for Group Admins and anyone else who was given event creation ability through a custom WP role.

    Those people have the permission “edit_files” so I used that to create the exception. Now they are not subject to the throttling.

    Thought you may be interested in how I did it. You can see the file at https://pastebin.com/JfmdGjE4

    There are two extra checks at lines 160 and 275.

    Works a treat.

  • Participant
    Level: Enlightened
    Posts: 64
    Graham on March 19, 2018 at 3:12 pm #13966

    Realized I was exposing the whole plugin code on pastebin, so I edited it.

    The lines are now 16 and 52.

  • Keymaster
    (BuddyDev Team)
    Posts: 24211
    Brajesh Singh on March 20, 2018 at 2:55 pm #13982

    Thank you for sharing Graham.

    I see you are using current_user_can( edit_files ). It’s a good choice(depending on your specific site).

    I will suggest quoting the string for cap though. current_user_can( ‘edit_files’ )

    Best Regards
    Brajesh

  • Participant
    Level: Enlightened
    Posts: 64
    Graham on March 20, 2018 at 3:23 pm #13984

    Thanks.

    Did that and still works.

  • Keymaster
    (BuddyDev Team)
    Posts: 24211
    Brajesh Singh on March 20, 2018 at 5:43 pm #13987

    🙂

The topic ‘ [Resolved] BuddyPress Private Message Rate Limiter – Group Admin Override’ is closed to new replies.

This topic is: resolved